An efficient blockchain for decentralized ABAC policy decision point

IF 6.2 2区计算机科学 Q1 COMPUTER SCIENCE, THEORY & METHODS Future Generation Computer Systems-The International Journal of Escience Pub Date : 2025-05-01 Epub Date: 2025-01-25 DOI:10.1016/j.future.2025.107732

Qiwei Hu , Miguel Correia , Tao Jiang

{"title":"An efficient blockchain for decentralized ABAC policy decision point","authors":"Qiwei Hu , Miguel Correia , Tao Jiang","doi":"10.1016/j.future.2025.107732","DOIUrl":null,"url":null,"abstract":"<div><div>Blockchain-enabled Policy Decision Point (PDP) has been a promising solution to the centralization concern in practical deployment of Attribute-Based Access Control (ABAC). However, existing blockchain systems cannot support PDP adequately since PDP functionalities introduce extra latency to blockchain’s execution process and limits system throughput. This paper proposes an efficient PDP Blockchain (PDPB) by exploiting a minimum-redundancy execution paradigm. Concretely, we design a novel Echo-Based Execution Conclude (EBEC) mechanism to enable minimum redundancy request evaluation while ensure blockchain safety and liveness. Two optimization techniques, Echo Compacting (EC) and Load Balancing (LB), are proposed to reduce the communication and computation overhead of PDPB and further enhance its performance. We implement a prototype of PDPB and evaluate it on Amazon Web Services (AWS) servers. The results show that PDPB achieves more than 35.6% performance improvement over existing methods.</div></div>","PeriodicalId":55132,"journal":{"name":"Future Generation Computer Systems-The International Journal of Escience","volume":"166 ","pages":"Article 107732"},"PeriodicalIF":6.2000,"publicationDate":"2025-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Future Generation Computer Systems-The International Journal of Escience","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167739X25000275","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"2025/1/25 0:00:00","PubModel":"Epub","JCR":"Q1","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}

引用次数: 0

Abstract

Blockchain-enabled Policy Decision Point (PDP) has been a promising solution to the centralization concern in practical deployment of Attribute-Based Access Control (ABAC). However, existing blockchain systems cannot support PDP adequately since PDP functionalities introduce extra latency to blockchain’s execution process and limits system throughput. This paper proposes an efficient PDP Blockchain (PDPB) by exploiting a minimum-redundancy execution paradigm. Concretely, we design a novel Echo-Based Execution Conclude (EBEC) mechanism to enable minimum redundancy request evaluation while ensure blockchain safety and liveness. Two optimization techniques, Echo Compacting (EC) and Load Balancing (LB), are proposed to reduce the communication and computation overhead of PDPB and further enhance its performance. We implement a prototype of PDPB and evaluate it on Amazon Web Services (AWS) servers. The results show that PDPB achieves more than 35.6% performance improvement over existing methods.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

一种高效的分散ABAC策略决策点区块链

在基于属性的访问控制（ABAC）的实际部署中，支持区块链的策略决策点（PDP）是解决集中化问题的一个很有前途的解决方案。然而，现有的区块链系统不能充分支持PDP，因为PDP功能给区块链的执行过程带来了额外的延迟，并限制了系统吞吐量。本文利用最小冗余执行范式提出了一种高效的PDP区块链（PDPB）。具体而言，我们设计了一种新颖的基于回波的执行结论（EBEC）机制，以实现最小冗余请求评估，同时确保区块链的安全性和活跃性。为了降低PDPB的通信和计算开销，进一步提高PDPB的性能，提出了回声压缩（EC）和负载平衡（LB）两种优化技术。我们实现了PDPB的原型，并在Amazon Web Services （AWS）服务器上对其进行了评估。结果表明，与现有方法相比，PDPB的性能提高了35.6%以上。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Future Generation Computer Systems-The International Journal of Escience 工程技术-计算机：理论方法

CiteScore

19.90

自引率

2.70%

发文量

376

审稿时长

10.6 months

期刊介绍： Computing infrastructures and systems are constantly evolving, resulting in increasingly complex and collaborative scientific applications. To cope with these advancements, there is a growing need for collaborative tools that can effectively map, control, and execute these applications. Furthermore, with the explosion of Big Data, there is a requirement for innovative methods and infrastructures to collect, analyze, and derive meaningful insights from the vast amount of data generated. This necessitates the integration of computational and storage capabilities, databases, sensors, and human collaboration. Future Generation Computer Systems aims to pioneer advancements in distributed systems, collaborative environments, high-performance computing, and Big Data analytics. It strives to stay at the forefront of developments in grids, clouds, and the Internet of Things (IoT) to effectively address the challenges posed by these wide-area, fully distributed sensing and computing systems.